Skip to content

v2.2.0-rc.2

Pre-release
Pre-release
Compare
Choose a tag to compare
@ory-bot ory-bot released this 13 Jun 14:15
· 189 commits to master since this release
v2.2.0-rc.2
b183040
This commit was signed with the committer’s verified signature.
aeneasr hackerman
GPG key ID: 1A463E422E5E2222
Learn about vigilant mode.

This release optimizes the performance of authorization code grant flows by minimizing the number of database queries. We acheive this by storing the flow in an AEAD-encoded cookie and AEAD-encoded request parameters for the authentication and consent screens.

BREAKING CHANGE:

  • The client that is used as part of the authorization grant flow is stored in the AEAD-encoding. Therefore, running flows will not observe updates to the client after they were started.
  • Because the login and consent challenge values now include the AEAD-encoded flow, their size increased to around 1kB for a flow without any metadata (and increases linearly with the amount of metadata). Please adjust your ingress / gateway accordingly.

Bug Fixes

  • Version clash in apk install (24ebdd3)

Code Generation

  • Pin v2.2.0-rc.2 release commit (b183040)

Features

Changelog

  • 4194d75 autogen(docs): regenerate and update changelog
  • 898aa00 autogen(docs): regenerate and update changelog
  • b183040 autogen: pin v2.2.0-rc.2 release commit
  • a8ecf80 feat: hot-reload Oauth2 CORS settings (#3537)
  • 3ec683d feat: sqa metrics v2 (#3533)
  • 24ebdd3 fix: version clash in apk install

Artifacts can be verified with cosign using this public key.

Assets 40